User API should be restricted with authentication

[jarias-lfx]

Summary

The user API should be restricted via GitHub, GitLab or LFID authentication.

Background

Currently the API doesn't require authentication, which creates a vulnerability.

Expected behavior

If an user attempts to call the user API using the userid, it shouldn't be accessible unless authenticated.

[lukaszgryglicki]

PR up: #4976.

[lukaszgryglicki]

Merged, prod PR will follow (after other tasks) but ideally I would like to know all consumers of this API.

[lukaszgryglicki]

Prod PR up: #4980 - please read details on this PR as it can only be merged when we make sure that FE sends the bearer token for /v2/user/{uuid} API.

[lukaszgryglicki]

PR #4980 merged, awaiting a green flag to make an EasyCLA release.